internal-link-optimizer
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python helper script scripts/sitemap_urls.py to extract URL lists from website sitemaps.
- [EXTERNAL_DOWNLOADS]: The Python script performs network requests to download XML sitemap content from user-provided or target URLs.
- [DATA_EXFILTRATION]: The skill initiates outbound network connections via the urllib.request module in scripts/sitemap_urls.py to retrieve data from external web servers.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by ingesting and processing untrusted content from external sitemaps.
  - Ingestion points: External XML data fetched and parsed by scripts/sitemap_urls.py.
  - Boundary markers: Absent; there are no instructions or delimiters to prevent the agent from interpreting content within sitemap tags as commands.
  - Capability inventory: The skill utilizes Read and Write tools and the ability to execute subprocesses (Python script) with network access.
  - Sanitization: The script uses structured XML parsing to target <loc> tags, which provides basic filtering but does not validate or sanitize the string content of the URLs themselves.
Audit Metadata